Glossary 


access controls A set of bits that specify the 
types of operations a requestor is authorized to 
perform on a given catalog node, record, or 
attribute type. 

address template A set of AOCE templates that 
allow a user to enter address information into a 
User record. 

AOCE Apple Open Collaboration Environment. 

AOCE catalog A hierarchically arranged store 
of data in a format intelligible to the AOCE 
Catalog Manager. See also external catalog, 
PowerShare catalog. 

AOCE messaging system The set of Power Talk 
system software and PowerShare mail servers 
that allows Macintosh users and processes 
connected over a network or via a modem to 
exchange information. 

AOCE Setup catalog See PowerTalk Setup 
catalog. 

AOCE system software The collection of 
Macintosh Operating System managers and 
utility functions that provide APIs for catalog, 
messaging, and security services. The AOCE 
system software includes the Standard Mail 
Package, the Standard Catalog Package, AOCE 
templates, the Interprogram Messaging Manager, 
the Catalog Manager, the Authentication 
Manager, and the Digital Signature Manager, as 
well as utility functions. See also PowerTalk 
system software. 

AOCE template A resource file that extends the 
AOCE extension to the Finder to display new 
types of data in catalogs or to display data in a 
new way. See also aspect template, file type 
template, forwarder template, information page 
template, killer template. 

AOCE toolbox The low-level APIs for the 
AOCE system software: the Authentication 
Manager, Catalog Manager, Interprogram 


Messaging Manager, and Digital Signature 
Manager. See also Collaboration package, 
Collaboration toolbox. 

API Application programming interface. 

AppleMail format See standard interchange 
format. 

AppleTalk Secure Data Stream Protocol 
(ASDSP) A networking protocol that provides 
reliable transmission of an encrypted stream of 
bytes between two authenticated entities on an 
AppleTalk internet. ASDSP is a secure version of 
AppleTalk Data Stream Protocol (ADSP). 

approval file A file you receive from a 
signature-authorization-issuing agency. You use 
this file to activate your signer file. 

approval request A notarized (or otherwise 
authorized) request to issue a public-key 
certificate. The approval request includes what is 
intended to be the public key of the certificate's 
owner. 

approved signer file See signer file . 

approving agency See certificate issuer. 

ASDSP See AppleTalk Secure Data Stream 
Protocol. 

aspect A structure in memory that contains 
properties provided by an aspect template. An 
aspect might also contain code provided by the 
code resource in an aspect template 

aspect template An AOCE template that 
specifies how attributes in a record are to be 
parsed into properties for display in an 
information page. An aspect template can also 
specify certain constant property values and can 
contain a code resource that translates between 
property types and implements features in 
information pages. See also information page 
template. 
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attribute The smallest unit of data in an AOCE 
catalog; the data within a record is organized into 
attributes. Each attribute has a type indicating 
the type of data, a tag indicating the format of the 
data, a creation ID, and data (the attribute value). 

attribute creation ID A number assigned by a 
catalog that uniquely identifies an attribute value 
within a record. It persists for as long as the 
attribute value exists and is never reused. Not all 
catalogs support attribute creation IDs. See also 
pseudo-persistent attribute creation ID. 

attribute tag See attribute value tag. 

attribute type The type of data in an attribute; 
for example, telephone number or picture. A 
record can contain more than one attribute type, 
and there can be more than one attribute value of 
the same attribute type in a record. 

attribute value The data in an attribute. 

attribute value tag The format of the data in an 
attribute value. 

authentication Verification of the identification 
of an entity on a network or of one end of a 
communication link. 

authentication identity See identity. 

Authentication Manager The part of the 
Macintosh Operating System that authenticates 
users of AOCE messaging and catalog services 
and provides authentication services to 
applications. 

authentication server A secure network-based 
server that holds the client keys of users and 
services and generates credentials that allow 
users to do mutual authentication. 

bcc recipient A "blind courtesy copy" recipient 
of a letter. Bcc recipients are not listed in copies of 
the letter received by To and cc recipients. See 
also original recipient. 

block creator A four-character sequence that 
indicates which application created a message 
block; analogous to a file's creator in HFS. 

block type A code that indicates the format of 
the data contained within a message block. 


callback routine (1) An application-defined 
routine called by the Operating System. When 
you call certain functions, you provide a pointer 
to a callback routine, and the function installs 
your routine in memory. Then when a certain 
event occurs, the Operating System calls your 
callback routine. See also completion routine. 

(2) A function provided by the CE to provide a 
service for aspect code resources. When the CE 
calls your code resource, your code resource can 
call the CE's callback routines. 

catalog See AOCE catalog. 

Catalog Browser A Finder extension that 
allows a user to search through an AOCE catalog 
by opening folders on the desktop. 

catalog discriminator A name and reference 
number that uniquely identifies a catalog. 

Catalog Manager The part of the Macintosh 
Operating System that manages the organization, 
reading, and writing of data in AOCE catalogs. 

catalog node See dNode. 

catalog service access module (CSAM) A code 
module, implemented as a device driver, that 
makes an external catalog available within an 
AOCE system by supporting the Catalog 
Manager API. 

catalog service function A CS AM-defined 
function that responds to requests for AOCE 
catalog services from clients of the Catalog 
Manager. 

Catalogs Extension An extension to the Finder 
that makes it possible for the Finder to display 
the contents of AOCE catalogs and for the user to 
edit the contents of records. 

cc recipient A "courtesy copy" or secondary 
recipient of a letter. See also original recipient . 

CE See Catalogs Extension. 

certificate See public-key certificate . 

certificate issuer The organization that 
authorized, or issued, a particular public-key 
certificate. Each certificate is digitally signed by 
its issuer. 
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certificate owner The person or organization to 
which a particular public-key certificate has been 
issued. Each certificate contains the public key of 
its owner. 

certificate request See approval request. 

certificate set A chain of public-key certificates 
that, combined with a digital signature, make up 
a full signature. A certificate set consists of the 
public-key certificate of the signer (owner), 
digitally signed by the organization that issued 
the certificate; plus the certificate of the issuing 
organization, signed by the organization that 
issued that certificate; and so on, until the last 
signature is that of the prime issuing 
organization. The certificate set provides the 
signer's public key for decryption of the signer's 
signatures and ensures the validity of that public 
key. 

certification authority See certificate issuer. 

chain of certificates See certificate set. 

client key A key that is known only to a 
specific entity and to the authentication server. 

Collaboration package The high-level APIs for 
the AOCE system software collaboration 
managers: the Standard Mail Package and the 
Standard Catalog Package. See also 
Collaboration toolbox. 

Collaboration toolbox The low-level APIs for 
the AOCE system software collaboration 
managers: the Authentication Manager, Catalog 
Manager, and Interprogram Messaging Manager. 
See also AOCE toolbox, Collaboration package. 

completion routine A callback routine you can 
specify when you execute a function 
asynchronously. When the function completes 
execution, it calls your completion routine. 

conditional view A view in an information 
page that is displayed only if certain conditions 
are met in the aspect associated with that 
information page. 

content block A message block that contains 
the body of a letter in standard interchange 
format. 


content enclosure An enclosure that contains a 
letter's content. It may be the sole content in a 
letter or be accompanied by content in a content 
block, an image block, or both. See also regular 
enclosure. 

context A data structure used by some Digital 
Signature Manager routines to hold information 
and the results of calculations needed when 
processing data. See also queue context. 

copying As used by AOCE utility routines: the 
process of taking the contents of each field in a 
source structure and placing them in the 
corresponding field of a destination structure. 
This process includes all nested structures as 
well. Compare duplicating . 

creation ID See attribute creation ID, 
record creation ID. 

credentials Encrypted information provided by 
a server and sent by an initiator to a recipient as 
part of the authentication process. The 
credentials contain the session key and the 
initiator's identification. 

CSAM See catalog service access module. 

current block The message block last added to 
a message. 

decrypt To restore encrypted data to its 
previous, legible (unscrambled) state. In most 
cryptographic systems decryption is performed 
by mathematically manipulating the data with a 
large number called a key. 

delivery indication Information within a report 
that indicates the successful delivery of a specific 
message to a specific recipient. 

DES Data Encryption Standard. 

DES encryption A form of secret-key 
encryption used by the Digital Signature 
Manager solely for keeping users' private keys 
secure. See also secret key cryptography. 

digest A number, 16 bytes long, that is 
calculated from the contents of a given set of 
data. A digest is like a sophisticated checksum; it 
is almost impossible for two data sets of any size 
with any difference to yield the same digest 
value. 
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digital signattire A data structure associated 
with a document or other set of data. The digital 
signature uniquely identifies the person or 
organization that is signing, or authorizing the 
contents of, the data and ensures the integrity of 
the signed data. It is a digest of the data to which 
the signature applies, encrypted with the private 
key of the signer. A digital signature can be 
verified by decrypting with the signer's public 
key. Same as encrypted digest . See also full 
signature. 

Digital Signature Manager The part of the 
Macintosh Operating System that manages 
digital signatures and certificates. 

distinguished name The complete identifier of 
the owner or issuer of a certificate. A 
distinguished name includes elements such as 
common name, organization, street address, and 
country. 

dNode A container within an AOCE catalog 
that contains records, other dNodes, or both. 

dNode number A number assigned by a 
catalog that uniquely identifies a catalog node 
within that catalog. Not all catalogs support 
dNode numbers. See also pathname. 

dNode window A Finder window that 
displays the dNodes and records contained in a 
dNode. 

duplicating As used by AOCE utility routines: 
the process of copying the pointers to data 
structures and not the actual data structures 
themselves. Compare copying. 

enclosure A file or folder sent along with a 
letter, like an attachment to a conventional 
hard-copy letter. See also content enclosure, 
regular enclosure. 

encrypt To hide data by putting it into a 
scrambled (illegible) state, in such a way that its 
original state can be restored later. In most 
cryptographic systems encryption is performed 
by mathematically manipulating the data with a 
large number called a key. 

encrypted digest See digital signature. 

encryption key See key. 


extension type A four-character value that 
identifies a type of messaging system that uses a 
specific addressing convention; for example, an 
AppleLink system or an X.400 system. 

external catalog A catalog or database 
accessible to AOCE-enabled applications through 
the Catalog Manager API. For a user to have 
access to an external catalog, the user's AOCE 
system must include a CSAM for that catalog 
service. 

external messaging system Any non- AOCE 
messaging system. 

external service A service that is not provided 
automatically with Power Talk system software 
and PowerShare servers. 

file type template An AOCE template that 
extends the list of file types that may contain an 
AOCE template. During system startup, the 
Catalogs Extension searches for AOCE templates 
in files whose types are on the list. 

focus box See focus rectangle. 

focus rectangle A heavy border around a panel 
or around the content portion of a window. This 
border indicates to the user that the area it 
encloses is active and that any subsequent 
key-down event pertains to that portion of the 
window. Also called focus box. 

foreign dNode A dNode in a PowerShare 
catalog used by AOCE system software to route 
messages to an external messaging system 
through a server MS AM. 

Forwarder record A catalog record that 
contains identifying information about a server 
MS AM. 

forwarder template An AOCE template that 
allows existing aspect templates and information 
page templates to be used for new types of 
records and attributes. 

From recipient The sender of a message. See 
also original recipient . 

full digital signature See full signature. 

full signature A digital signature plus the 
certificate set of the signer. The Digital Signature 
Manager creates and verifies full signatures. 

Same as full digital signature. 
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identity A number used as shorthand for the 
name and key or name and password of a user or 
service. See also local identity, specific identity. 

image block A message block containing a 
graphic representation of a letter's content. It 
may be the sole content in a letter or be 
accompanied by content in a content block, a 
content enclosure, or both. The format of data in 
an image block is sometimes referred to as 
snapshot format. 

incoming message A message coming into an 
AOCE system from an external messaging 
system. 

incoming queue A queue belonging to a mail 
slot into which a personal MSAM puts letters 
coming into an AOCE system from an external 
system. 

information card An HFS file located on a 
user's local disk that contains a single record. 

information page A formatted display of data 
and controls, similar in appearance to a dialog 
box, showing information about an AOCE 
catalog record or a portion of a record. See also 
information page template. 

information page template An AOCE template 
that defines the layout and contents of an 
information page, using the properties in a 
specific aspect. 

information page window A window that 
contains one or more information pages. If the 
window contains more than one information 
page, only one information page is displayed at a 
time. In that case, the window contains a pop-up 
menu with a list of the information pages 
available. 

initiator The originator of the authentication 
process. 

intermediary A representative of a user or 
service that uses a proxy to obtain credentials for 
mutual authentication and then performs some 
function for the user or service represented. 

Interprogram Messaging Manager (IPM) The 
part of the Macintosh Operating System that 
manages the creation, sending, and receiving of 
messages. IPM messages conform to a specific 
structure and can be transmitted over an 


AppleTalk network or any other communication 
link. The Interprogram Messaging Manager 
provides store-and-forward messaging services 
for Macintosh computers. 

issuer See certificate issuer. 

issuing organization See certificate issuer. 

key A number used by an encryption algorithm 
to encrypt or decrypt data. 

Key Chain See PowerTalk Key Chain . 

Key Chain Access Code The master password 
providing access to a PowerTalk Key Chain. 

killer template An AOCE template that 
disables other AOCE templates. A killer template 
can disable any type of AOCE template except 
another killer template. 

large-catalog mode A set of algorithms used by 
certain components of a PowerTalk system when 
retrieving information from large catalogs and 
displaying that information to the user. 

letter A type of message consisting of a defined 
set of message blocks. A letter is intended to be 
read by a person. See also mailer, non-letter 
message. 

letter attribute A piece of information about a 
letter stored in the letter header or the letter's 
message summary. Letter attributes include 
information such as the sender, the subject, the 
time the letter was sent, and so forth. Not to be 
confused with attribute. 

letter header block A message block found in 
every letter. It contains recipient information and 
letter attributes. 

local identity A number used as shorthand for 
the name and password of the principal user of a 
particular computer. A local identity gives the 
user access to all the services for which names 
and passwords are stored in the PowerTalk Setup 
catalog. See also specific identity. 

lookup table A resource in an aspect template 
that parses attribute values into properties and 
properties into attribute values. A lookup table 
contains an entry for each type of attribute value 
to be translated into and from properties. 

mail A term used to refer collectively to letters. 
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mailer A region added to a document window 
that transforms the document into a letter. The 
mailer enables the user to enter addresses and 
subject information, enclose other files and 
folders in the letter, and add a digital signature to 
the letter. 

mailer set All of the mailers belonging to a 
forwarded letter. 

mail slot A personal MSAM slot that serves to 
transfer letters. See also slot. 

main aspect An aspect that contains the 
properties the CE needs to fill in the data for an 
item in a sublist. Compare main view aspect. 

main aspect template A template for a main 
aspect. 

main enclosure See content enclosure. 

main view aspect An aspect that provides the 
properties for all the views in the main portion of 
an information page; that is, all of the 
information page except for the items in a sublist. 
Compare main aspect. 

Master Key password The password of the 
principal user of a computer. This password 
unlocks the local identity and provides access to 
the services represented in the Power Talk Setup 
catalog. 

message The basic unit of communication 
defined by the Interprogram Messaging 
Manager. The term message is used as an 
inclusive term to refer both to letters and 
non-letter messages. See also letter, non-letter 
message. 

message block A component of a message 
consisting of a sequence of any number of bytes 
whose format is governed by the block creator 
and block type. 

message creator A four-character sequence that 
indicates which application created a message; 
analogous to a file's creator in HFS. 

message family A set of messages grouped 
according to similar characteristics. Messages of 
the same family conform to the syntax of a 
defined set of message block types and their 
associated semantics. 


message header That part of a message that 
contains control information about the message 
such as the message creator and message type, 
the total length of the message, the time it was 
submitted, addressing information, and so forth. 

message mark A marker, used by the IPM 
Manager, that points to the current location 
within a message that is being created. 

message queue A set of messages maintained 
by the IPM Manager on a recipient's disk or the 
disk of a message server. 

message summary A set of data used by the 
Finder to display an incoming letter to a user. 

message type A code that indicates the 
semantics of the message, the block types the 
message should contain, and the relationships 
among the various blocks in the message. 

messaging service access module (MSAM) A 
foreground or background application that 
makes an external messaging system accessible 
from within an AOCE system. It translates and 
transfers letters, non-letter messages, or both 
between an AOCE system and an external 
messaging system. See also personal MSAM, 
server MSAM. 

messaging slot A personal MSAM slot that 
serves to transfer non-letter messages. See also 
slot. 

messaging system A combination of hardware 
and software that gives users or processes the 
ability to exchange messages. 

MSAM See messaging service access module. 

mutual authentication Authentication of both 
ends of a communication link accomplished by 
exchanging a series of encrypted challenges and 
replies. 

nested letter A complete letter included whole 
within another letter. 

nested message Any type of message included 
whole within another message. 

nesting level An indication of how many 
messages are nested within a given message. For 
example, a letter that contains one nested letter 
has a nesting level of 1, and a letter that contains 
no nested letters has a nesting level of 0. 
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non-delivery indication Information within a 
report that indicates unsuccessful attempts to 
deliver a specific message to a specific recipient. 

non-letter message A message sent from one 
application or process to another, not intended to 
be read by people. Compare letter. 

online mode A mode of operation available 
only to personal MS AMs in which the MSAM 
actively manages letters in a user's AOCE 
mailbox and in the user's accounts on external 
messaging systems, reflecting changes in one to 
the other, keeping both ends synchronized to the 
degree possible. 

original recipient Any of four specific types of 
recipient that can be specified by the sender of a 
message: To, From, cc, or bcc. An original 
recipient may be a group address. A non-letter 
message can include only From and To 
recipients. See also resolved recipient. 

outgoing message A message that is leaving 
an AOCE system to go to an external messaging 
system. 

outgoing queue A queue from which an 
MSAM reads messages that it must deliver to an 
external messaging system. 

owner See certificate owner. 

packing The process of compacting or 
"flattening" a complex data structure into a 
sequence of bytes. Compare unpacking. 

parse function A CSAM-defined function that 
responds to requests for AOCE parse services 
from clients of the Catalog Manager. 

partial pathname In an AOCE catalog, a value 
that uniquely identifies a catalog by specifying a 
dNode number and continuing with the name of 
each dNode under that one to the dNode in 
question. 

password In digital signatures, a set of 
characters used as a key to encrypt and decrypt a 
certificate owner's private key. 

password encryption See DES encryption. 

pathname In an AOCE catalog, a string that 
uniquely identifies a catalog node by specifying 
the name of each catalog node in the catalog 


starting from the first node under the root node 
and including each intervening node to the node 
in question. See also dNode number. 

personal catalog An AOCE catalog created and 
managed by the Catalog Manager. A personal 
catalog is an HFS file located on a user's local 
disk. A personal catalog can store any records 
that can be kept in a PowerShare catalog and is 
often used to store frequently used information 
from such a catalog. 

personal MSAM An MSAM that transfers 
messages between the user's Macintosh and 
specific user accounts on an external messaging 
system. A personal MSAM runs on a user's 
Macintosh. Compare server MSAM. 

physical queue The actual data of a message 
queue residing on a disk. A physical queue can 
have any number of associated virtual queues. 
See also virtual queue. 

PMSAM See personal MSAM. 

PowerShare catalog An AOCE server-based 
catalog provided by Apple Computer, Inc. See 
also external catalog. 

PowerShare server A server installed on an 
AppleTalk network to provide catalog services to 
any number of entities on that network. A 
PowerShare server can also identify and 
authenticate users to ensure that only authorized 
people or agents gain access to the catalog 
information. 

PowerTalk Key Chain The Power Talk software 
that sets up and maintains a user's PowerTalk 
Setup catalog. 

PowerTalk Setup catalog A special personal 
catalog that contains information about the mail 
and messaging services, catalog services, and 
other services available to the owner of the 
computer. See also local identity. 

PowerTalk system software Apple Computer's 
implementation of the AOCE system software for 
use on Macintosh computers. The PowerTalk 
system software includes desktop services as 
well as all of the services of the AOCE system 
software managers. 
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private key One of a pair of keys needed for 
private-key cryptography. Every user has a 
private key kept by the user and known only to 
the user. 

property An individual, self-contained piece of 
information, such as a number or a string. A 
property is defined in an aspect template and 
stored in an aspect in memory. 

property command Any command handled by 
your AOCE template code resource's 
kDETcmdPropertyCommand routine. The CE 
calls your code resource with the 
kDETcmdPropertyCommand routine selector 
when the user clicks a button or checkbox in your 
information page, when the user selects an item 
in a pop-up menu in your information page, and 
in a few other circumstances. 

property number A reference number assigned 
to a property by an aspect template. The property 
number uniquely identifies that property within 
that aspect. 

property type A constant associated with a 
property that specifies the nature of the data in 
the property value. For example, a property type 
can be a number, a string, or a custom type 
defined by a developer. 

property value The data associated with a 
property. 

proxy A privilege provided by a user or service 
to an intermediary. The proxy allows the 
intermediary to be authenticated as the user or 
service for a limited period of time. 

pseudonym An alternative name for a record in 
a Catalog Manager routine. 

pseudo -persistent attribute creation ID A 
number that uniquely identifies an attribute 
value within a record. It persists from the time 
the CSAM is opened at system startup until 
system shutdown. See also attribute creation ID. 

public key One of a pair of keys needed for 
public-key cryptography. Every user has a public 
key, which can be distributed to other users. 


public-key certificate A document that 
contains, among other information, the name and 
public key of a user. The user is the owner of the 
certificate. See also signed certificate, certificate 
set. 

public-key cryptography A system of 
cryptography in which every user has two keys 
to encrypt and decrypt data: a public key and a 
private key. Data encrypted with a user's public 
key can be decrypted only with that same user's 
private key. Likewise, data encrypted with a 
user's private key can be decrypted only with 
that user's public key. 

quasi-batch mode A mode of operation 
available only to personal MS AMs in which the 
MS AM complies with the minimum 
requirements of online mode. See also online 
mode. 

queue context A grouping of virtual message 
queues. When you close a queue context, you 
simultaneously close all of the queues associated 
with that context. See also virtual queue. 

recipient (1) The end of a communications link 
that receives credentials and a challenge from the 
initiator. The recipient must respond correctly to 
establish an authenticated connection. (2) An 
addressee on an AOCE message. See also 
original recipient, resolved recipient. 

record The fundamental container for data 
storage in an AOCE catalog; analogous to a file in 
the HFS hierarchy. A record can contain any 
number of attributes. 

record alias A record that enables you to store 
information about another record. For example, 
an alias could store in its attribute value the 
record location information for the original 
record. 

record creation ID A number that uniquely 
identifies a record within a catalog. Not all 
catalogs support record creation IDs. 

record ID The identity of a record, comprising 
the record name, record type, record creation ID, 
and record location information. See also record 
creation ID, record type. 
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record reference An attribute that identifies a 
specific catalog record. 

record type A value that indicates the type of 
entity represented by a record — for example, 
LaserWriter, User, or Group. 

regular enclosure Any message enclosure that 
is not a content enclosure. See also content 
enclosure, enclosure. 

report A message with a defined set of 
message blocks used to send delivery and 
non-delivery indications to the sender of the 
message. 

resolved recipient A recipient to which an 
MS AM must deliver a message. See also original 
recipient. 

RSA RSA Data Security, Inc., a prime issuing 
organization for public-key certificates. 

SAM See service access module . 

secret-key cryptography A system of 
cryptography in which a single key is used to 
both encrypt and decrypt data. All who wish to 
share information must share the same key and 
keep it secret from all others. 

server A program or process that provides 
some service to other processes on a network. 

server MS AM An MS AM that transfers 

messages for multiple users on the AppleTalk 
network to which it is connected. It transfers 
messages between a PowerShare mail server and 
an external messaging system. A server MS AM 
must run on the same Macintosh as a 
PowerShare mail server. Compare personal 
MSAM. 

service access module A software component 
that provides a PowerTalk user with access to 
external mail and messaging services or catalog 
services. 

session key A key provided by an 
authentication server to be used by both the 
initiator and the recipient for mutual 
authentication. The session key remains valid for 
a limited time period. 

Setup catalog See PowerTalk Setup catalog. 


Setup record A record in the PowerTalk Setup 
catalog containing record references to all records 
in the PowerTalk Setup catalog that represent 
slots, catalogs, and other items. 

setup template A set of AOCE templates that 
allow a user to install and configure a service 
access module. 

sign As used by the Digital Signature Manager: 
To create a digital signature and affix it to a 
document or other piece of data. By signing, the 
signer authorizes the content of the data, protects 
it from alteration, and asserts his or her identity 
as the signer. 

signature See digital signature. 

signature resource A resource in an AOCE 
template that specifies the type of the template 
and the base ID number for the template. Other 
standard template resources have ID numbers 
equal to the signature resource's ID number plus 
some offset value. 

signed certificate A public-key certificate that 
has been digitally signed by its issuer. Like any 
digital signature, the signature on a certificate 
ensures the integrity of the certificate (including 
its public key) and proves the identity of the 
signer (the issuer of the certificate). 

signed digest See encrypted digest. 

signer The individual or organization that signs 
a document or other piece of data. To create a 
signature, a signer must be the owner of a 
public-key certificate. 

signer file A file used by a signer to create a 
digital signature. It consists of the signer's 
encrypted private key and the signer's certificate 
set. 

Simple Mail Transfer Protocol (SMTP) A 
protocol for the exchange of electronic mail. 
Computers connected to the Internet often use 
this protocol. 

SMSAM See server MSAM. 

snapshot format See image block. 

specific identity A number used as shorthand 
for the name and key of an alternate user on a 
computer to provide access to a specific catalog 
or mail service. See also local identity. 
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stand-alone attribute A record that contains 
only one attribute, extracted from another 
record. Although technically a record, the 
AOCE software treats a stand-alone attribute 
like an attribute in most circumstances. 

The record type of a stand-alone attribute 
begins with the value of the constant 
kAttributeValueRecTypeBody. 

Standard Catalog Package The part of the 
Macintosh Operating System that manages find 
and browse panels for AOCE catalogs. 

standard content See standard interchange 
format. 

standard interchange format A set of data 
formats that consists of plain text, styled text, 
sound (AIFF), images (PICT), and QuickTime 
movies ( ' MooV' ). 

Standard Mail Package The part of the 
Macintosh Operating System that manages 
mailers and makes it easy for applications to 
create and send letters. 

standard mode A mode of operation available 
to server MS AMs and to personal MSAMs that 
deal with non-letter messages. An MS AM 
operating in standard mode hands off an 
incoming message to an AOCE system. It is the 
AOCE system, not the MSAM operating in 
standard mode, that is responsible for delivering 
the message to the ultimate destination. 

store- and-forward gateway A link between 
different messaging systems, sometimes bridging 
different physical media, providing temporary 
data storage, and, where necessary, address 
translation. 

store- and-forward messaging A method of 
delivering messages that provides for temporary 
storage and forwarding of a message from one 
location to another, sometimes through several 
intermediate store-and-forward gateways or 
servers. 

store-and-forward server A server that 
provides store-and-forward messaging services. 
PowerShare servers are store-and-forward 
servers. 


stiblist A list of attributes that appears as a 
distinct subset of the items displayed in an 
information page window, or a list of records that 
appears in a dNode window. 

tag See attribute value tag. 

TCP/IP Transmission Control Protocol / Internet 
Protocol. The major transport protocol and the 
network layer protocol typically used in 
communicating messages over the Internet. 

template See AOCE template. 

To recipient A principal recipient of a message. 
See also original recipient. 

unapproved signer file A file created by the 

MacSigner application when it creates an 
approval request. The unapproved signer file 
contains a DES-encrypted number that is 
intended to be the user's private key. 

universal coordinated time (UTC) The same as 
Greenwich Mean Time (GMT); the standard time 
as established by the Royal Observatory at 
Greenwich, England. 

unpacking The process of reconstructing a data 
structure from a sequence of bytes. Compare 
packing. 

User record A catalog record representing an 
entity that has an account on an AOCE 
messaging or catalog server. A User record 
contains electronic addresses and biographical 
information about the entity that can be read by 
users of the system, as well as information about 
the entity's access privileges and password for 
use by the AOCE software. 

UTC See universal coordinated time. 

verify To establish the authenticity of a digital 
signature. Verification consists of determining 
that the signed document has not changed since 
it was signed and affirming that the public key 
used to decrypt the signature is valid. 

view An item or field in an information page 
displaying one or more property values. 
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view list A data structure that specifies 
individual views on an information page. Each 
item in the list includes the graphic rectangle 
containing the view, the number of the property 
that provides the information to be displayed, the 
type of view, and information specific to that 
view type. 

virtual queue A view of a physical message 
queue through which an application can open, 
close, and list messages. More than one virtual 
queue can be associated with a single physical 
queue. See also physical queue. 
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